Viral 'FaceApp' Aging App Gives Russia-Based Firm "Perpetual, Irrevocable" Rights To Personal Content

FaceApp, the popular application that has become a viral trend for showing what people would look like after they age 30 years, isn't well known to be a Russia-based piece of software. Its even lesser known that the terms and conditions of the app grant it ‘perpetual, irrevocable’ rights to your content, according to a new report from Fox 29

The app has skyrocketed in popularity over the last couple of weeks because it allows users to digitally alter their age. Many celebrities have even joined in and posted photographs of what their elder selves may look like. More than 1 million users have downloaded the app from Google and it is now the number one app in the Apple store.

But, what most users don't know, is that the terms and conditions of the software "allow it to access to use, modify, adapt and publish any images that a user offers up in exchange for its free artificial intelligence service."

This prompted Senate Minority leader Chuck Schumer to play the "Russia, Russia, Russia" card, sending a letter to the FBI and FTC requesting them to conduct an investigation into the app. He wrote that the app "could pose national security and privacy risks for millions of U.S. citizens." Schumer's main concerns were:

In order to operate the application, users must provide the company full and irrevocable access to their personal photos and data. According to its privacy policy, users grant FaceApp license to use or publish content shared with the application, including their username or even their real name, without notifying them or providing compensation.

Furthermore, it is unclear how long FaceApp retains a user’s data or how a user may ensure their data is deleted after usage. These forms of “dark patterns,” which manifest in opaque disclosures and broader user authorizations, can be misleading to consumers and may even constitute a deceptive trade practices. Thus, I have serious concerns regarding both the protection of the data that is being aggregated as well as whether users are aware of who may have access to it.

In particular, FaceApp’s location in Russia raises questions regarding how and when the company provides access to the data of U.S. citizens to third parties, including potentially foreign governments.

A similar ‘Reds-under-the-bed’ alarm was sounded by Bob Lord, a former Yahoo! executive and current chief security officer for the Democratic National Convention (DNC), who told Democratic campaign staff not to use the app, because it “was developed by Russians.”

And small business lawyer Elizabeth Potts Weinstein also warned about the app's terms, stating “if you use #FaceApp you are giving them a license to use your photos, your name, your username and your likeness for any purpose including commercial purposes (like on a billboard or internet ad).” 

The app's terms read:

“You grant FaceApp a perpetual, irrevocable, nonexclusive, royalty-free, worldwide, fully-paid, transferable sub-licensable license to use, reproduce, modify, adapt, publish, translate... distribute, publicly perform and display your User Content.”

Former marketing manager for Google and security expert Ariel Hochstadt said:

 “Hackers many time[s] are able to record the websites that people visit, and the activities they perform in those websites, but they don't always know who are those users. Imagine now they used the phone's camera to secretly record a young gay person, that visits gay sites, but didn't yet go public with that, and they connect his face with the websites he is using.” 

He continued:

 “They also know who this image is, with the huge DB they created of Facebook accounts and faces, and the data they have on that person is both private and accurate to the name, city and other details found on Facebook. With so many breaches, they can get information and hack cameras that are out there, and be able to create a database of people all over the world, with information these people didn't imagine is collected on them.”

The app was been around since 2017, when it was created by Wireless Lab in St. Petersburg, Russia. In case you wondered, IT experts are yet to catch FaceApp doing anything nefarious, or at least more nefarious than what other apps out there do. The company has provided assurance that it doesn’t get access to all camera photos, contrary to what some people have claimed, and that the servers used for its AI magic are owned by Amazon and Google.